Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

I've given Comodo a try or two over the years. I honestly don't seem to be able to wrap my head around it because it always more or less frustrates me to the point that I just uninstall it. Everybody raves about how great it is, but in the few times I have posted questions on this very board with regards to the problems that I had, the diehards weren't really able to give me much help. Example: Comodo Firewall question

For me personally, I just use the built-in Windows firewall as well as my Linksys router as the NAT firewall on the outside. The reasons for my choice is to keep things simple. I rarely have a problem of any kind on my computer from a security standpoint. And I don't really care much if my installed applications make a few outbound connections to check into the mothership. As far as I can tell, nothing bad has come from it. My virus scanners hardly ever squawk about anything, malware bytes scan always come back 100% clean...and I also use Spyware Blaster (but I'm unsure if it helps me at all...since I never get into anything). Most of my security measures are common sense. I don't click random links, I don't click on crap in facebook, I don't use pirated software, i don't search for serial numbers or key generators, I don't use peer to peer applications, I don't pirate games and I don't scour the net looking for porn sites to visit. And I also use opendns for my DNS servers and have a fair amount of stuff blocked from there.

While you are entitled to your opinion, it seems unnecessary to attempt to impose it by using denigrating comments. You can call it nonsensical, paranoia or anything else that you like, but it shall not influence me in the least.

Understand something, I setup firewalls for a living, for large corporations that actually have something to protect and keep secret. If you cannot handle my "opinion" oh well, deal with it. If it bothers you to be called paranoid then maybe you should not do things that make you seem paranoid. I'm not going to coddle you with fluffy bunnies and rainbows.

i would seem that you feel like arguing, but if so, you didn't get my message previously. Your opinion means nothing to me, so if you simply feel like wasting your and the readers time, go ahead and rant.

If you don't care about opinions then you should not have posted a question on a public forum filled with opinions. And I already told you, if you want a full-blown firewall that is the best then the best is a hardware firewall at the furthermost edge of the network.

It would seem that we have similar attitudes about the subject...at least to a degree. However, I don't have all that much confidence in my router's firewall, because even with it, I have had occasions when my software firewall would squawk about attempted port scans. If the router firewall was really doing it's job, that shouldn't happen.

Your opinion means nothing to me, so if you simply feel like wasting your and the readers time, go ahead and rant.

He may have been a bit blunt on his response, but I cannot say that I completely disagree with Logicearth's stance on the use of software based firewalls.

An external NAT firewall (router) is your best line of defense, and will stop that script kiddy who doesn't have much skill. And those with the skills are most likely focusing their efforts elsewhere (like bringing down the Playstation network). You really do want your firewalls on the perimeter of your network (at the edges), you don't want go get people all the way into your actual PC.

I don't want to come out and say that those who take the time to protect any and all outbound connections are wasting their time...but I do believe that in most cases their efforts to lock down their systems are mostly an exercise/drill...which isn't ever really necessary. So, I'd rather suggest to people that their time may be spent better in other areas as long as they have a hardware based firewall...like a NAT based router keeping most things away.

It would seem that we have similar attitudes about the subject...at least to a degree. However, I don't have all that much confidence in my router's firewall, because even with it, I have had occasions when my software firewall would squawk about attempted port scans. If the router firewall was really doing it's job, that shouldn't happen.

If that's the case, I would think about getting a different router, stat!! Unless you have configured your router to allow port forwarding, or you have your PC configured in a DMZ..you better NEVER get a port scan from the outside to your PC. if you did, it could be because your PC made an outbound connection to something nefarious, and a NAT based router would allow return traffic from that address. Aside from that, unless the router has an entry in it's NAT table...it better be dropping/rejecting all of those incoming packets.

It would seem that we have similar attitudes about the subject...at least to a degree. However, I don't have all that much confidence in my router's firewall, because even with it, I have had occasions when my software firewall would squawk about attempted port scans. If the router firewall was really doing it's job, that shouldn't happen.

If that's the case, I would think about getting a different router, stat!! Unless you have configured your router to allow port forwarding, or you have your PC configured in a DMZ..you better NEVER get a port scan from the outside to your PC. if you did, it could be because your PC made an outbound connection to something nefarious, and a NAT based router would allow return traffic from that address. Aside from that, unless the router has an entry in it's NAT table...it better be dropping/rejecting all of those incoming packets.

That may be true, but my router is a Cisco E3000, which is supposed to be a top-line router. If it can't handle the job, I'm reluctant to spend more time and money looking for another. If your hypothesis about it being due to a response to an outbound connection is right, that only reinforces the importance of a software firewall that does controls outbound traffic.

I seriously doubt you had a port scan from outside your network. A port scan would not have made it to your computer unless you specifically configured your router to do so. Your public IP does does not point to your computer, rather to your router. Any port scan attempted on that IP would scan your router, not your computer.

That may be true, but my router is a Cisco E3000, which is supposed to be a top-line router.

I have read good things about it.

Quote: Originally Posted by seekermeister

If it can't handle the job, I'm reluctant to spend more time and money looking for another.

This isn't a hard job, any router that does NAT translation should be blocking this...100% of the time.

Quote: Originally Posted by seekermeister

If your hypothesis about it being due to a response to an outbound connection is right, that only reinforces the importance of a software firewall that does controls outbound traffic.

To some extent, but looking at it another way...you might also want to evaluate the types of software that you install and use on your on your computer. If it's something like malware well then you obviously didn't put it there on purpose. But I don't know if I've seen much malware that opens up outbound connections to then allow port scans. Best case scenario they get a port listing of open ports, but are then blocked when they try to establish an inbound connection to those ports. I just don't see what the gain would be.

If this were me, I would do the following
1). Look at outbound logs on router? See if you are making outbound connections to same IP addresses that are getting flagged as doing the port scans.
2). Since this is a wireless router, be sure you don't have somebody leaching off your connection? Turn of ESSID broadcast, shut off DHCP functionality, use obscure network range in private range, enable MAC address filtering, use something like WPA2 with a horribly long security key.
3). Double check that your PC isn't sitting in a designated DMZ port. (I've seen this countless times)
4). Double check that you don't have a range of ports being forwarded by your router somehow. (less likely than above)
5). Call Cisco/Linksys and see if they have any known firmware issues, or bugs, or obscure configuration settings which could allow this problem.

Without a doubt, your situation would have me very concerned. But I wouldn't necessarily turn to a software firewall on my PC as my first line of defense to prevent it from happening....I'd rather figure out why the first line of defense products are not working.

I'm checking out at this point for the night, as it's 4:22am where I am and my kids will be up in about 4 hours.

Best Firewall

Windows firewall blocking .exe file even after firewall is disabledHey everyone,
This is my first post, and first time I've not been able to solve my problem by searching previous posts...so hopefully someone can help me out.
I'm trying to install a downloaded .exe file, and Windows firewall is blocking it regardless of whether the firewall is active or not; the...

System Security

Windows Firewall disables itself every 5 or 6 hours "Wndows Firewall iI have a problem with Windows Firewall disabling itself every 5 or 6 hours on my computer! Windows Firewall will automatically disable itself and give the following message "Windows Firewall is not using the recommended settings to protect your computer." with only one option "use recommended...

System Security

Windows Firewall starts with 3rd party firewall installed and activeHi guys,
Could anyone explain to me why Windows Firewall starts when I have Comodo Firewall installed and running?
It makes me nervous! :confused:
I have a fresh installation of Comodo Internet Security.
The only reason I knew it was running was because I got the message after a reboot,...

System Security

Can't share network with firewall on, can't reset firewall to defaultI suddenly noticed my desktop wasn't on the network any more. On inspection, network discovery and file sharing was disabled. I tried to enable it, but it would not. I found out if I turned off the firewall it worked fine. I tried to reset the firewall to default, but I get "Could not restore the...

Network & Sharing

Windows Personal Firewall service and Mcafee firewall not turning onI have been dealin with this 2 days now and went through all the steps recommended by Microsoft... even downloaded Virtual tech for mcafee and FIx it for MS none worked. went to google to try to follow other advises and tried to do malware removal . after it i followed these steps:
Download both...